Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T3iwyyIwuIR78dPN42Gh88H4AFg.roa
File: T3iwyyIwuIR78dPN42Gh88H4AFg.roa (raw, json)
Hash identifier: ApuO2NbExGbql608VHqC4aMetXzPDkPBjhOZVKQSi/c=
Subject key identifier: 4F:78:B0:CB:22:30:B8:84:7B:F1:D3:CD:E3:61:A1:F3:C1:F8:00:58
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01954168D03FA4D206D43C51C7302382F6D6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T3iwyyIwuIR78dPN42Gh88H4AFg.roa
Signing time: Wed 26 Feb 2025 08:39:02 +0000
ROA not before: Wed 26 Feb 2025 08:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 62.76.230.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 10:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:68:d0:3f:a4:d2:06:d4:3c:51:c7:30:23:82:f6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 26 08:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f78b0cb2230b8847bf1d3cde361a1f3c1f80058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ed:cd:cb:9d:27:0c:cf:8c:77:97:bf:1d:1f:
8c:5e:78:1e:43:88:8d:d5:e3:72:c9:14:e7:00:2a:
b8:48:48:35:2a:5d:a8:b4:56:08:02:3b:dc:ab:db:
48:30:f9:86:e5:df:13:01:38:a6:c0:4f:eb:78:4d:
fa:2c:5d:59:bf:29:7c:7b:ac:6e:dc:2e:c8:c9:e3:
e1:e8:41:3a:ed:9c:1e:a1:7f:71:c8:58:b3:13:ba:
80:3e:ab:74:f7:3e:f1:d1:8d:42:05:92:7b:aa:8d:
32:34:2a:96:b1:1a:8c:b8:11:0f:1e:71:45:93:b4:
f9:7d:05:87:54:e4:3e:60:54:32:d8:9d:54:ef:04:
ac:fe:32:5d:0b:f9:4f:d6:58:34:35:fc:4e:52:fd:
3b:92:2f:1f:0f:eb:61:81:0d:32:72:1f:db:77:ab:
fb:61:a9:61:05:aa:10:40:6b:9e:e1:b3:09:2e:87:
93:3a:80:e8:43:2a:66:9b:ab:5e:ef:97:5d:10:68:
e1:ef:d3:7e:05:59:43:24:2b:13:51:d6:73:5a:c8:
a9:2e:ac:88:e3:39:15:8d:80:76:2f:be:d5:75:e0:
19:d7:16:22:52:59:9e:1c:c5:a0:ab:60:bf:bb:00:
99:ae:cc:49:3a:e7:95:0d:7c:65:f3:5d:9f:f0:51:
61:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:78:B0:CB:22:30:B8:84:7B:F1:D3:CD:E3:61:A1:F3:C1:F8:00:58
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T3iwyyIwuIR78dPN42Gh88H4AFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.87.59.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e2:e4:01:43:ec:7b:5d:65:aa:8d:c6:3c:63:ee:f8:a6:e1:
45:45:4e:1e:15:bf:45:4a:be:4d:b3:f4:3b:ce:d5:12:36:94:
8e:18:fc:c8:a9:95:7c:10:98:0b:27:61:61:e9:9e:56:52:40:
f7:90:63:fe:17:94:79:43:b2:ce:60:ec:ce:35:a0:75:17:4f:
6b:a1:7d:da:49:b3:6b:81:9e:83:0d:c5:ad:1e:62:32:26:7e:
64:c1:dd:4a:19:fe:62:b2:1c:fe:82:cc:24:8f:44:4a:5d:9b:
4a:e4:e4:07:14:e1:63:6f:bc:a7:32:0a:29:d6:b7:54:ac:d1:
00:c4:8e:4d:d4:cf:26:de:2f:f6:7f:cb:a8:c1:cb:b5:20:79:
1b:46:a0:fa:e3:d5:d7:30:69:18:d2:0f:ff:39:7e:7b:0f:97:
e4:76:20:84:70:dc:3e:24:83:94:e2:da:de:3a:3e:f0:13:99:
de:08:04:fd:90:7a:a2:c5:ed:55:ea:ad:aa:af:73:bc:44:6b:
9b:8f:6c:3a:44:33:d5:ed:dd:44:a0:7d:55:eb:2a:c4:27:50:
58:25:c1:27:3c:57:0b:c8:af:88:31:36:b0:be:d2:d1:37:2b:
6e:b0:e2:f8:d3:f6:96:35:40:57:90:1a:a7:3b:88:01:31:e5:
7b:9c:e6:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVBaNA/pNIG1DxRxzAjgvbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjI2MDgzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjc4YjBjYjIyMzBiODg0N2JmMWQzY2RlMzYxYTFmM2MxZjgwMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwe3Ny50nDM+Md5e/HR+MXngeQ4iN
1eNyyRTnACq4SEg1Kl2otFYIAjvcq9tIMPmG5d8TATimwE/reE36LF1Zvyl8e6xu
3C7IyePh6EE67ZweoX9xyFizE7qAPqt09z7x0Y1CBZJ7qo0yNCqWsRqMuBEPHnFF
k7T5fQWHVOQ+YFQy2J1U7wSs/jJdC/lP1lg0NfxOUv07ki8fD+thgQ0ych/bd6v7
YalhBaoQQGue4bMJLoeTOoDoQypmm6te75ddEGjh79N+BVlDJCsTUdZzWsipLqyI
4zkVjYB2L77VdeAZ1xYiUlmeHMWgq2C/uwCZrsxJOueVDXxl812f8FFhkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE94sMsiMLiEe/HTzeNhofPB+ABYMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDNpd3l5SXd1SVI3OGRQTjQyR2g4OEg0QUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkzmAwQA
wlc7MA0GCSqGSIb3DQEBCwUAA4IBAQBT4uQBQ+x7XWWqjcY8Y+74puFFRU4eFb9F
Sr5Ns/Q7ztUSNpSOGPzIqZV8EJgLJ2Fh6Z5WUkD3kGP+F5R5Q7LOYOzONaB1F09r
oX3aSbNrgZ6DDcWtHmIyJn5kwd1KGf5ishz+gswkj0RKXZtK5OQHFOFjb7ynMgop
1rdUrNEAxI5N1M8m3i/2f8uowcu1IHkbRqD649XXMGkY0g//OX57D5fkdiCEcNw+
JIOU4treOj7wE5neCAT9kHqixe1V6q2qr3O8RGubj2w6RDPV7d1EoH1V6yrEJ1BY
JcEnPFcLyK+IMTawvtLRNytusOL40/aWNUBXkBqnO4gBMeV7nObz
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:16:12 2025 by rpki-client